惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

V
Vulnerabilities – Threatpost
aimingoo的专栏
aimingoo的专栏
B
Blog
H
Hackread – Cybersecurity News, Data Breaches, AI and More
GbyAI
GbyAI
阮一峰的网络日志
阮一峰的网络日志
Engineering at Meta
Engineering at Meta
IT之家
IT之家
V
Visual Studio Blog
The Cloudflare Blog
酷 壳 – CoolShell
酷 壳 – CoolShell
A
About on SuperTechFans
博客园 - 聂微东
Blog — PlanetScale
Blog — PlanetScale
N
News and Events Feed by Topic
A
Arctic Wolf
WordPress大学
WordPress大学
小众软件
小众软件
C
CERT Recently Published Vulnerability Notes
Threat Intelligence Blog | Flashpoint
Threat Intelligence Blog | Flashpoint
D
Darknet – Hacking Tools, Hacker News & Cyber Security
F
Fortinet All Blogs
CTFtime.org: upcoming CTF events
CTFtime.org: upcoming CTF events
Y
Y Combinator Blog
T
Threat Research - Cisco Blogs
Latest news
Latest news
Simon Willison's Weblog
Simon Willison's Weblog
Cyberwarzone
Cyberwarzone
S
Schneier on Security
让小产品的独立变现更简单 - ezindie.com
让小产品的独立变现更简单 - ezindie.com
L
Lohrmann on Cybersecurity
Stack Overflow Blog
Stack Overflow Blog
钛媒体:引领未来商业与生活新知
钛媒体:引领未来商业与生活新知
P
Privacy International News Feed
J
Java Code Geeks
Spread Privacy
Spread Privacy
宝玉的分享
宝玉的分享
I
Intezer
L
LangChain Blog
Hacker News - Newest:
Hacker News - Newest: "LLM"
G
GRAHAM CLULEY
博客园 - 叶小钗
博客园 - 三生石上(FineUI控件)
The GitHub Blog
The GitHub Blog
奇客Solidot–传递最新科技情报
奇客Solidot–传递最新科技情报
N
News and Events Feed by Topic
AWS News Blog
AWS News Blog
Attack and Defense Labs
Attack and Defense Labs
Security Archives - TechRepublic
Security Archives - TechRepublic
K
KPMG report finds enterprise disconnect between AI and its ROI | CIO

CloudCannon Blog

Building with AI: Git-based vs headless vs traditional CMS CloudCannon + Astro: performance meets powerful content management Introducing the Astro Component Starter Introducing Jetstream — built on the Astro Component Starter Why we switched to the system font stack Redesigning CloudCannon’s docs with Diátaxis, Lume, and Pagefind Make content editing more visual: upgraded Editable Regions How Configuration Mode makes building editing interfaces easy Your hosting just got an upgrade (and a price cut) Custom testing domains for professional branding Keep your content consistent with input validation Managing multilingual content in CloudCannon Simplify team publishing with conflict resolution and domain tools Open Beta: Publishing Conflict Resolution Getting started with CloudCannon and Astro: Bookshop, components, and live editing Welcome to the CloudCannon Community! Omnichannel delivery is just marketing spin from API-based CMS companies Getting started with CloudCannon and Astro: Snippets and Collections Managing digital assets in CloudCannon: a guide to smart asset storage Understanding CloudCannon's branching workflows and Projects: a complete guide What is a static website? CloudCannon’s 2024 wrapped Getting started with CloudCannon and Astro: WYSIWYG blogging Jamstack vs. WordPress: reasons to make the change The top five static site generators for 2025 (and when to use them!) Free Jekyll themes for 2025: ten great community options Eleventy (11ty) vs. Hugo How to set up WYSIWYG editing with MkDocs Material The rise of static-first websites: why major brands are making the switch Watching your Core Web Vitals on Jamstack Understanding the difference between static, dynamic, and hybrid websites Looking for an alternative to Netlify CMS or Decap CMS? Designing components for your website editors: a CloudCannon case study Does my website look big in this? Six tips to lower your page weight Content is sacred — so own your revision history The eternal balancing act: load time vs. delay time Streamlined Headless Mode, Unified Configuration, and live data editing What is a headless CMS? Looking for a TinaCMS or Tina Cloud alternative? The ultimate guide to Hugo Sections Coming soon: Live config editing and data reloading Faster publishing workflows out now! Why information architecture matters for your website Website UX vs SEO: picking your battles Easily manage your multilingual Astro site in CloudCannon How you can optimize publishing workflows for your content team How you can optimize your CMS for SEO success How you can optimize your Content Editor for long-form articles How you can optimize your Visual Editor for page building Secure, swift, and stable: static sites for the financial sector Building static sites that scale The Inaugural 11ty International Symposium on Making Web Sites Real Good How to manage hundreds of connected websites with a Git-based headless CMS How we’re building CloudCannon for accessibility CloudCannon’s new editing improvements are here! Open Beta | New ways to collaborate on editing your websites Top 11 free Eleventy themes for 2024 Top 10 free Astro themes to use in 2024 Why choose a Git-based headless CMS over a monolithic DXP in 2024? Learning web development: a self-guided roadmap Partner Site of the Month: Blüthner Piano Centre, by Winteractive CloudCannon’s 2023 wrapup Let’s create a microblog with visual editing using Bookshop and Eleventy Update and visualize your branches with CloudCannon Projects What is a Git-based CMS and why you should use one CloudCannon secures SOC 2 certification The complete guide to growing your web development agency Automatically optimize your images with Eleventy Image and CloudCannon Share components and syndicate content with Site Mounting Partner Site of the Month: Cru Uncorked, by Ed Meehan New web component for responsive HTML tables Wrapping up HugoConf 2023 Partner Site of the Month: Van Dillen Antieke Bouwmaterialen, by Fulldev How to become a freelance web developer: a comprehensive guide Q3 2023: CloudCannon features and improvements 22 ways to deliver more value to your web development clients Partner Site of the Month: DC Gay Flag Football League, by Ed Cupaioli A new way to configure your CloudCannon sites CloudCannon — the official CMS partner of Eleventy Full CloudCannon support for Nuxt static sites Partner Site of the Month: Stadium Bike, by Insight Creative, Inc. HugoConf 2023, brought to you by CloudCannon DAM Support for Cloudflare R2 and DigitalOcean Spaces Eleventy (11ty) vs. Gatsby in 2023 – which SSG is best for you? How CloudCannon’s live editing works with Astro and Bookshop Partner Site of the Month: Fiducian, by Croissant & Baguette Eleventy (11ty) vs. Astro How to customize CloudCannon’s Client Sharing interface Let anyone, anywhere, edit your CloudCannon sites Top 23 free Astro themes for building out-of-this-world static sites in 2023 How Jampack optimizes our Eleventy website and improves performance Astro vs. Next.js CloudCannon.com is now built with Eleventy! Out-of-this-world support for all Astro users Introducing the CloudCannon Partner Program Full CloudCannon support for Gatsby Top 10 Free SvelteKit Themes for Building Lighting-Fast Static Sites in 2023 Enhanced CloudCannon support for Next.js users Upcoming CloudCannon Interface improvements (Open Beta) Creating sites, the Jamstack way
Enhanced flexibility for teams with Custom Permissions
2024-05-31 · via CloudCannon Blog

As your team grows, it's important to have a secure and flexible way to manage who can access and modify your websites, content, and underlying code. That’s why we’ve added Custom Permissions to our Team and Enterprise plans, allowing you to define granular access levels tailored to the unique needs of your team and projects.

All CloudCannon users have access to Default Permission Groups — you’re likely familiar with the idea of your role as an Owner, Developer, Technical Editor, or Editor. Each of these Groups has a pre-defined set of permissions, so you can select the appropriate level of control for each team member.

This approach captures most common roles, but if your team has specific access requirements or compliance and security constraints, we realize that default permission sets aren’t enough. (And try as we might, we can’t anticipate every potential role you might have in your organization!)

With our new Custom Permissions, though, Owners on Team and Enterprise plans are able to create Custom Permission Groups to permit any action within your Organization — including viewing, editing, merging, branching, publishing and adding assets.

If you'd like all the details, check out our exhaustive Custom Permissions documentation!

Custom Permissions features Direct link to this section

Flexible permission scope Direct link to this section

Permissions can be scoped globally across your entire Organization, or limited to specific projects, sites, groups, or base domains — whatever makes sense for your setup. You can specify exactly which resources each group has permission to view, edit, create, or delete. No more ambiguity or unintended access.

You can define exceptions within any group to allow for maximum flexibility. For example, give access to an entire project, with the specific exception of the production site.

Duplicating permissions Direct link to this section

Adding new permissions can be as easy as cloning an existing permission, and changing any detail. For example, if your editing team needs the same permissions with a Site scope across different site properties, you can create a single permission Group, then duplicate it — the only change you’d need to make is defining a specific site for each Group.

Increased security, more control Direct link to this section

With Custom Permissions, you have complete command over your organization's access levels. This powerful new feature ensures your critical web resources are secure while making permission management straightforward. Enterprise customers can contact CloudCannon's Success Team for support during your access review cycles.

Getting started Direct link to this section

To start taking advantage of Custom Permissions, Organization Owners can navigate to the Team page under Org Settings, create new Groups and define permissions, and begin assigning team members to those Groups. Here you can also set the scope for permissions, from global, to project, site, group, or base domain. Organization Developers can also add and remove team members.

Everyone can also check which groups they belong to on the My Permissions page. We’ve made it as intuitive as possible to set up, and to maintain your Groups.

There are any number of combinations to the new available permissions, but let's take a look at a few key examples to see how they might work in practice.

Grant or restrict access to files (e.g. pages or posts) Direct link to this section

Using file globs to grant or restrict access to files

A file glob is a pattern used to identify matching files. Using a file glob, you're now able to give users full access to a single page within a single site, or perhaps all files within a particular collection. Depending on the level of access that users are given — read or write — members of a custom group will be able to view that file, edit it, and save changes to it whenever they want.

Preventing access to particular files that match your file glob works much the same way, only you'd define an exception to a rule. An editor might, for example, be able to edit and publish everything on a site apart from a company's quarterly financial reports, which could be restricted to key personnel. You may want also to restrict access to a website's technical configuration file.

Combining read and write permissions with a publishing restriction Direct link to this section

Combining read and write permissions with a publishing restriction

One thing we love about the new custom permission set is the ability for user roles to reflect users' work responsibilities. For some roles, this might include drafting new content, but not publishing it.

We'd start by selecting the scope for this permission, targeted to a specific project or site. This way we can choose where the writer is allowed to create new content. We'd give them write access to their target, as well as site:publish:pull-request:open, which would enable them to open a PR to merge their branch, in essence requesting a content review from someone else in their team.

Because we haven't given this user access to site:publish:pull-request:merge, the writer would not be permitted to merge their staging branch and publish to the live site.

There's a huge variety of content-related permissions to choose from, but to give a sense of what else is possible, let's move on to technical and management permissions as well.

Handling domain migrations and site records Direct link to this section

Scoping to base domains

Balancing permissions and restrictions can let your users do the things they need to, while removing the possibility of accidental data loss.

Let’s imagine you have a new developer on your team, handling all of your domain migrations, and managing your DNS records. But you don’t want this dev to accidentally release one of your base domains. (NB: This would only be possible after a Site is disconnected, but we can be doubly sure by setting explicit permissions.)

In this scenario we'd give the developer write access to base-domain at a Global scope, and add an exception to write access to base-domain:delete at a Global scope. The developer can now view and update all settings and DNS records, but can’t release a base domain.

Group membership and management Direct link to this section

Scoping to groups

In addition to the above, you can also scope permissions to groups, which gives members permission to control their own groups. For example, you could create a 'Managers' permission group that lets managers view and edit their own groups, as well as add and remove members from their groups.

You could also add an exception to this permission set, which would prevent managers from accidentally deleting a group.


Our Permissions reference document has every single permission available to Custom Permissions users. With around ninety permissions currently available, there are any number of permutations on the permissions (and exceptions) available — and you’re free to fine-tune your permissions and Groups at any time, to match exactly what your team and your organization needs.

If you have any questions about how to set up the permissions you need, our support team is always happy to hear from you.


Custom Permissions are available immediately for all Team and Enterprise plans.

We're excited about the possibilities this opens up for teams to more effectively collaborate while maintaining proper access controls. Give it a try and let us know what you think! As always, our support team is here to assist with any questions.